Thursday, June 18, 2009

Message from Nick Furneaux

"Hi everyone and welcome to the new forum covering Live and Network forensics.

My name is Nick Furneaux from CSITech and if you don't know me or have never sat in a classroom with me, then hello! Jamie has kindly asked if I would assist in the moderation of this forum and I was delighted to accept. If you are truly bored you can waste 90 seconds of your life and find out more about me on my poorly used blog at nickfurneaux.blogspot.com.

In the past 3 years or so the subject of so called live forensics has become an increasingly discussed topic and most investigators now believe that a live response to a running machine constitutes best evidence, often ahead of pulling the plug and continuing with a traditional disk image.

Whereas disk imaging has a certain accepted methodology and protocol associated with it, live response still has the feeling of the Wild West about it and as much work as possible needs to be done by the community to work towards a generally accepted method and process. Hopefully this forum, broken out from the melee of other topics will assist with that process.

This, of course, is not to ignore the vital area of network investigations that tends not to get such a 'following' in respect to forum postings, hopefully that will change.

We are fortunate to have some leading lights in these subjects contributing to Forensic Focus (you know who you are) and we welcome your continued positive contribution and input.